.\" Generated from openpam_borrow_cred.c by gendoc.pl
.Dd May 31, 2025
.Dt OPENPAM_BORROW_CRED 3
.Os
.Sh NAME
.Nm openpam_borrow_cred
.Nd temporarily borrow user credentials
.Sh SYNOPSIS
.In sys/types.h
.In security/pam_appl.h
.In security/openpam.h
.Ft "int"
.Fn openpam_borrow_cred "pam_handle_t *pamh" "const struct passwd *pwd"
.Sh DESCRIPTION
The
.Fn openpam_borrow_cred
function saves the current credentials and
switches to those of the user specified by its
.Fa pwd
argument.
The affected credentials are the effective UID, the effective GID, and
the group access list.
The original credentials can be restored using
.Xr openpam_restore_cred 3 .
.Pp
.Sh RETURN VALUES
The
.Fn openpam_borrow_cred
function returns one of the following values:
.Bl -tag -width 18n
.It Bq Er PAM_SUCCESS
Success.
.It Bq Er PAM_BUF_ERR
Memory buffer error.
.It Bq Er PAM_PERM_DENIED
Permission denied.
.It Bq Er PAM_SYSTEM_ERR
System error.
.El
.Sh SEE ALSO
.Xr setegid 2 ,
.Xr seteuid 2 ,
.Xr setgroups 2 ,
.Xr openpam_restore_cred 3 ,
.Xr pam 3 ,
.Xr pam_strerror 3
.Sh STANDARDS
The
.Fn openpam_borrow_cred
function is an OpenPAM extension.
.Sh AUTHORS
The
.Fn openpam_borrow_cred
function and this manual page were
developed for the
.Fx
Project by ThinkSec AS and Network Associates Laboratories, the
Security Research Division of Network Associates, Inc.\& under
DARPA/SPAWAR contract N66001-01-C-8035
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Pp
The OpenPAM library is maintained by
.An Dag-Erling Sm\(/orgrav Aq Mt des@des.dev .
